UC Home Maps A-Z Index Web Search People Search UC Tools  
University of Cincinnati - UCit   University of Cincinnati - Home
 
 

Services - Secure Sockets Layer (SSL)


Introduction

SSL technology is the industry-standard method for protecting Web communications. The SSL security protocol provides data encryption, server authentication, message integrity, and optional client authentication for a TCP/IP connection. Because SSL is built into all major browsers and Web servers, simply installing a digital certificate turns on their SSL capabilities. By convention, URLs that require an SSL connection start with https: instead of http: .   UCit provides a for-fee commercial offering (hotlink to topic below) service using GeoTrust and a free in-house offering (Hotlink to topic below) for both server and personal certificates.  For questions on either of these two offerings, please e-mail Information Security (mainsec@uc.edu).

How do I know if I need to secure my site?

Using SSL is a method of ensuring compliance with the policy on student privacy as specified by the Family Educational Rights and Privacy Act of 1974 (FERPA).
If your site captures or sends personal information, such as social security numbers or home addresses, you will want to secure that site with SSL.
People won't transact business at a Web site unless they are certain it is secure. They need to know your University service is real and that their communications with you are private. At the same time, you need to protect your electronic communications against improper access

Commercial Offering

The University of Cincinnati has chosen GeoTrust  as the provider of external server certificates.  All GeoTrust certificates enable up to 256-bit encryption and can be used to secure servers used for Web sites, intranets, extranets and other online applications.

For additional information, please visit the GeoTrust website and choose the Solutions link for Education.

What is the role of Information Security for the Commercial Offering?

Information Security acts in the role of Registration Authority (RA). This is an authority in a network that verifies a person's requests for a digital certificate and tells the Certificate Authority (CA - GeoTrust) to issue it. Since the RA has an established trusted relationship with the CA, the turnaround time is much faster than a person buying a certificate directly from the CA.

What are the associated costs?

The UC cost for a 1 year new and or renewal certificate is $175.
The UC cost for a 2 year new or renewal certificate is $300.
If you know your budget number, you may provide it in the Comments section of the Certificate Signing Request (CSR).

Obtaining a Commercial SSL Certificate at UC

To request an SSL certificate at UC, you must be a full-time UC employee and follow the steps below:

  1. To begin the process, if you don’t already have one, request a static IP and a domain name (common name) for your Web Server from the UCit Network Operations Center. Web server administrators must ensure the common name has been approved by the Web Advisory Committee. Also, on the same form, you will need to request that port 443 is open for SSL for any application that will be accessed from outside of the UC Intranet. It is the responsibility of the requestor to ensure the UCit Network Operations Center has opened port 443, if needed. To access the form required to begin this process, go to:
    UCit's Request Static IP Address form
                   
  2. Next, go to the GeoTrust link for UC and follow the steps given to generate and submit the Certificate Signing Request (CSR).

For questions, please e-mail Information Security (mainsec@uc.edu).

In-House Offering

In-house certificates will be used when the server or Web site is internal to UC and the consumers of the website service are University faculty, staff, or students. Also, individuals can apply for a personal certificate for authentication, encryption and non-repudiation.

With the In-House offering, UCit is the CA (certificate authority) and Information Security is the RA (registration authority).  

How do I request an in-house server certificate?

In-house server certificates are provided by UCit free of charge and can be requested through UCit’s online ordering system, GETit

How do I request a personal SSL certificate?

In-house personal SSL certificates are provided by UCit free of charge and can be requested through UCit’s online ordering system, GETit

QUESTIONS?  Contact Information Security (mainsec@uc.edu).

 
InfoSec Home
Free Anti-Virus
PSS Help
Report an Incident
Security Update
 
 

Featured Article

 
 

It's all UC Footer rule line
 
Contact Us | University of Cincinnati | 2600 Clifton Ave., Cincinnati, Ohio 45221
Undergraduate Admission: 513-556-1100 | Graduate Admission: 513-556-4335
University Information: 513-556-6000 | Copyright Information © 2006